On Fri, September 26, 2014 5:13 pm, John R Pierce wrote: > On 9/26/2014 2:51 PM, Always Learning wrote: >> Probably all Windoze > > linux apache web servers with the bash exploit are getting owned en > masse today. my (patched) internet web server has logged 100s and > 100s of attempts like... > > 66.186.2.172 - - [26/Sep/2014:00:49:29 -0700] "GET /cgi-bin/test.sh I feel really stupid, but I have to ask. If your server wasn't patched, it only would have owned by the above if that file exists, is executable by apache and it indeed invokes bash (say, has #!/bin/bash or whatever bash location is as first line), right? ;-) Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++